Table 3.1 (continued)
ASSOCIATED DATA
NAME DESCRIPTION STRUCTURE
Load Configuration Table Contains a variety of image IMAGE_LOAD_
configuration elements, such CONFIG_
as a special LOCK prefix table DIRECTORY
(which can modify an image
in load time to accommodate
for uniprocessor or
multiprocessor systems). This
table also contains information
for a special security feature
that lists the legitimate
exception handlers in the
module (to prevent malicious
code from installing an illegal
exception handler).
Bound Import Table Contains an additional IMAGE_BOUND_
import-related table that IMPORT_
contains information on DESCRIPTOR
boundimport entries. A
bound import means that the
importing executable contains
actual addresses into the
exporting module. This
directory is used for confirming
that such addresses are
still valid.
Import Address Table (IAT) Contains a list of entries for A list of 32-bit
each function imported from pointers
the current module. These
entries are initialized in load
time to the actual addresses
of the imported functions.
Delay Import Descriptor Contains special information ImgDelayDescr
that can be used for
implementing a delayed-load
importing mechanism whereby
an imported function is only
resolved when it is first called.
This mechanism is not
supported by the operating
system and is implemented
by the C runtime library.102 Chapter 3